No announcement yet.

FTP thru Cisco 2600

  • Filter
  • Time
  • Show
Clear All
new posts

  • FTP thru Cisco 2600

    Howdy guys

    Be great if someone could offer advice on an ftp problem I have.

    One of our users needs to ftp to a certain site, which he can fully access from any location out with our corporate network. But he cannot access this particular ftp site from within our network, though he can access other ftp sites from within the network.

    There is a rule which allows his pc (and the system admins pc's also) to get straight through checkpoint and out onto the internet; checking the tracker logs on this confirms ftp-pasv is allowed through.
    The weird thing (for me) is that the ftp site allows one to logon successfully, but allows nothing after that. For example, a simple DIR command results in a '200 PORT Command Successful' then times out with this message: '425 Unable to build data connection: Connection timed out'

    Before hitting our firewall and getting out onto the internet, all pc's in our office go through a Cisco 2600, and I'm wondering if this is where the problem lies. I suspect this because if I test access to the ftp site from one of our email filter servers (which connects straight to the firewall and doesn't go through the router) then access to the ftp site is perfect, whether via command line or via IE.
    The only thing I can think of is that the Cisco 2600 is somehow affecting passive ftp. However, not being much of a Cisco hand, it's only a guess.

    Anyone able to shed some light on this?


  • #2
    Re: FTP thru Cisco 2600

    Is this 2600 doing NAT or any other features or just straight IP routing?
    Brian Desmond
    Microsoft MVP - Directory Services